From 295cdb63cb5d35dcbd2adbe74691af9097a1cd26 Mon Sep 17 00:00:00 2001 From: Alexander Bantyev Date: Tue, 8 Jun 2021 19:52:32 +0300 Subject: [PATCH] tmpfs root for amd-workstation --- machines/AMD-Workstation/default.nix | 29 +++++++------------ .../hardware-configuration.nix | 6 ++-- modules/workspace/misc.nix | 2 +- modules/workspace/ssh.nix | 2 ++ 4 files changed, 18 insertions(+), 21 deletions(-) diff --git a/machines/AMD-Workstation/default.nix b/machines/AMD-Workstation/default.nix index 423e0e3..43ca028 100644 --- a/machines/AMD-Workstation/default.nix +++ b/machines/AMD-Workstation/default.nix @@ -22,27 +22,20 @@ services.apcupsd.enable = true; boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + boot.loader.timeout = 4; # Otherwise it's impossible to change generations secrets.wireguard-wg0 = { }; - # networking.wireguard.interfaces.serokell = { - # listenPort = 51820; - # ips = [ - # "172.20.0.52/32" - # # "fd73:7272:ed50::52/128" - # ]; - # privateKeyFile = config.secrets.wireguard-serokell.decrypted; - # peers = [{ - # allowedIPs = [ - # "0.0.0.0/0" - # # "::/0" - # ]; - # # endpoint = "serokell.net:35944"; - # endpoint = "147.75.100.17:35944"; - # publicKey = "sgLUARawWJejANs2CwuCptwJO55c4jkmnP0L14FNCyw="; - # persistentKeepalive = 24; - # }]; - # }; + persist = { + enable = true; + cache.clean.enable = false; # Scary... + + state.homeFiles = [ ".aws/credentials" ]; + + state.directories = [ "/home/balsoft/.local/share/Steam" ]; + + derivative.directories = [ "/home/balsoft/.wine" "/home/balsoft/.wine32" ]; + }; services.ezwg = { enable = true; diff --git a/machines/AMD-Workstation/hardware-configuration.nix b/machines/AMD-Workstation/hardware-configuration.nix index e58b5f1..cf67476 100644 --- a/machines/AMD-Workstation/hardware-configuration.nix +++ b/machines/AMD-Workstation/hardware-configuration.nix @@ -12,14 +12,16 @@ boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = { + fileSystems."/persist" = { device = "/dev/nvme0n1p2"; fsType = "ext4"; + neededForBoot = true; }; - fileSystems."/home" = { + fileSystems."/persist/home" = { device = "/dev/disk/by-label/Home"; fsType = "ext4"; + neededForBoot = true; }; fileSystems."/boot" = { diff --git a/modules/workspace/misc.nix b/modules/workspace/misc.nix index 64547e6..ebc5882 100644 --- a/modules/workspace/misc.nix +++ b/modules/workspace/misc.nix @@ -29,7 +29,7 @@ home.stateVersion = "20.09"; }; - + persist.cache.directories = [ "/home/balsoft/.cache" "/var/cache" ]; services.avahi.enable = true; diff --git a/modules/workspace/ssh.nix b/modules/workspace/ssh.nix index f94a189..4741129 100644 --- a/modules/workspace/ssh.nix +++ b/modules/workspace/ssh.nix @@ -15,6 +15,8 @@ "ssh/ssh_host_rsa_key.pub" ]; + persist.state.homeFiles = [ ".ssh/known_hosts" ]; + users.users.balsoft.openssh.authorizedKeys.keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDd2OdcSHUsgezuV+cpFqk9+Svtup6PxIolv1zokVZdqvS8qxLsA/rwYmQgTnuq4/zK/GIxcUCH4OxYlW6Or4M4G7qrDKcLAUrRPWkectqEooWRflZXkfHduMJhzeOAsBdMfYZQ9024GwKr/4yriw2BGa8GbbAnQxiSeTipzvXHoXuRME+/2GsMFAfHFvxzXRG7dNOiLtLaXEjUPUTcw/fffKy55kHtWxMkEvvcdyR53/24fmO3kLVpEuoI+Mp1XFtX3DvRM9ulgfwZUn8/CLhwSLwWX4Xf9iuzVi5vJOJtMOktQj/MwGk4tY/NPe+sIk+nAUKSdVf0y9k9JrJT98S/ comment"];